Looks fine to me. Thanks! Xuelei
On 1/23/2015 10:24 AM, Jamil Nimeh wrote: > Hi Xuelei, et al.: > > Updated webrev: > http://cr.openjdk.java.net/~jnimeh/reviews/8044860/webrev.02 > > Thanks, > --Jamil > > On 01/22/2015 04:26 PM, Xuelei Fan wrote: >> I may use SSLProtocolException if the size of session ID is bigger than >> 32. Otherwise, looks fine to me. >> >> Xuelei >> >> On 1/23/2015 2:35 AM, Jamil Nimeh wrote: >>> Hi all, >>> >>> This review is to provide length checks on the session ID for SSL/TLS >>> connections. It appears to be the only vector/array that needs >>> additional length-checks to make sure it's not exceeding 32 bytes. >>> >>> Bug: https://bugs.openjdk.java.net/browse/JDK-8044860 >>> Webrev: http://cr.openjdk.java.net/~jnimeh/reviews/8044860/webrev.01 >>> >>> Thanks, >>> --Jamil >
